‫ Windows 10 - Privacy and Security Features at a Glance (Part 2)

ID: IRCAR201503250
Date: 2015-03-02
In this article we take a more detailed looked at some of the security features that are going to be released in the new version of Windows 10.
In the previous article (part one) we looked at some of the security features that were going to be released in the new version of Windows 10 later in 2015, in this article (part two) we cover in a bit more detail the explanations of those features and what we have researched as well as some topics that have been mentioned at Microsoft previews. Although this information is not set in stone these are features that are likely to be in Windows 10.
What we know so far about Windows 10
Although Windows 10 previews are well underway, we need to keep in mind that that is exactly what they are- a preview. Our researchers have gathered information from many reliable sources, from the previews, from Microsoft employees and users alike, but things may change before the official release date expected in 2015. Every couple of weeks Microsoft is releasing a set of revised features as and when various additions and changes are found to be necessary.
Below are some of the technical features that Microsoft has highlighted will be present in the Windows 10 as a continuation of the previous article. The features will prove beneficial for both consumers and organisations.
Some security features explained
Securing Identities
Multi-factor authentication is going to be built into the OS, using the device itself in the form of a hashed signature as the first factor and the PIN or biometric reader as the second factor to authenticate. Access is only possible through physical access to the device combined with access via the personal identification number (PIN) or biometrics, perhaps a fingerprint. Additional hardware security peripherals will not be necessary to secure the identity. Being able to use two-factor authentication in this manner should prove to be more convenient and user friendly.
The built in two-factor authentication will assist to deter current security threats and improve securing identities and strengthen access control. This feature is available today but with significant amounts of configuration, hopefully it’s simpler and easier to implement in Windows 10.
This is a step in the right direction, towards the initiation of normalising two-factor authentication and perhaps the route to the demise of less secure single-factor authentication options such as passwords. It’s time we saw the end of passwords and this seems like the start.
Access control is strengthened through the utilisation of the device as the credential. The user may register one or all of their devices with their credentials. If opting for one device, a tablet for example, the tablet will invariably act as the first factor of authentication, as the mobile credential for the other devices, services and networks. As long as the tablet is in close vicinity of the users other devices being utilised, a laptop for example, it can be used to gain access to those devices via Bluetooth or a wireless connection.
The credential is either a key-pair that is generated cryptographically by Windows or a certificate supplied to the device for an existing public key infrastructure (PKI). Active directory will support the management of the credentials.
This allows some enterprise flexibility if an organisation is using existing PKI. The options set out in this manner for credential, allows for utilisation across multiple platforms and infrastructures, which is essential through organisations and encompasses majority of user requirements.
With the utilisation of the Hyper-V Secure Execution Environment, access tokens generated after login, which can bring an element of security risk if used maliciously for identity impersonations, are contained (running above the Hyper-V) and made inaccessible, even if the windows kernel is compromised, significantly improving security and risk of credential theft.
Related Posts:


بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 15 فروردین 1394



امتیاز شما
تعداد امتیازها:0